Human Risk Management Blog

The Ransomware Threat: Still Alive and Kicking

Many organizations, after a period of relative quiet, might believe the ransomware bubble has burst. The headlines may have shifted, and other emerging cyber threats might seem to ...

CyberheistNews Vol 15 #20 How to Protect Your Business from Scattered Spider's Latest Attack Methods

Beware of Coinbase Scams

I got this Coinbase-related scam in my personal inbox last week.

Warning: Phishing Kits Can Auto-Generate Tailored Login Pages

Commodity phishing kits are increasingly serving dynamically generated phishing pages, according to researchers at ESET.

Agentic AI Ransomware Is On Its Way

Agentic AI-enabled ransomware is not here yet, but likely will be very soon. I am talking this year or by 2026.

Email-based Attacks Accounted for Most Cyber Insurance Claims Last Year

Business email compromise (BEC) attacks and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024, according to a new report from Coalition.

KnowBe4 Leads the Charge Against Cybersecurity Threats with Unmatched AI Capabilities

When it comes to artificial intelligence (AI) and human risk management (HRM), not all AI is created equal.

How to Protect Your Business from Scattered Spider's Latest Attack Methods

Mandiant warns that the Scattered Spider cybercriminal group is using “brazen” social engineering attacks to target large enterprise organizations in a wide range of sectors.

The Clock Is Ticking: Why Phishing Remains The Fastest-Moving Cyber Threat in 2025

Cybersecurity professionals face an increasingly aggressive phishing threat landscape, and the 2025 KnowBe4 Phishing By Industry Benchmarking Report makes one thing crystal clear: ...

CyberheistNews Vol 15 #19 [Heads Up] Talos Report Shows Phishing Attacks Surged in Q1 2025

Cybercriminals Use Telegram Bots to Exfiltrate Data In Phishing Kit Campaign

KnowBe4 ThreatLabs has identified and analyzed a sophisticated cross-platform phishing campaign that utilizes Telegram as its primary exfiltration channel. The campaign uses a combination ...

You Are Still Vulnerable to Password Attacks When Using Passkeys

Just because you’re using a passkey doesn’t mean your password is gone.

Phishing Kits Are Growing More Sophisticated; Focused on Bypassing MFA

Researchers at Cisco Talos warn that major phishing kits continue to incorporate features that allow them to bypass multi-factor authentication (MFA).

Talos Report: Phishing Attacks Surged in Q1 2025

Phishing was the initial access vector in 50% of attacks during the first quarter of 2025, according to a new report from Cisco Talos.

Warning: Phishing Campaign Impersonates the US Social Security Administration

Researchers at Malwarebytes warn that phishing emails are impersonating the US Social Security Administration (SSA) to trick users into installing the ScreenConnect remote access tool.

CyberheistNews Vol 15 #18 [Eye Opener] Sneaky New Attack. What is Device Code Phishing?

Your KnowBe4 Compliance Plus Fresh Content Updates from April 2025

Check out the April updates in Compliance Plus so you can stay on top of featured compliance training content.

Your KnowBe4 Fresh Content Updates from April 2025

Check out the 21 new pieces of training content added in April, alongside the always fresh content update highlights, new features and events.

Exciting Leadership Updates at KnowBe4

To our valued KnowBe4 customers, partners, and community. I wanted to share some exciting developments happening at KnowBe4.

Xfinity Scam Might Explain Similar Scams

Recently, I covered a T-Mobile scam where a friend of mine narrowly avoided losing money. In that scam, the attackers called up pretending to be from T-Mobile offering him a ...